[Top] [All Lists]

Re: [CQ-Contest] authentication for log submission

To: cq-contest@contesting.com
Subject: Re: [CQ-Contest] authentication for log submission
From: W0MU Mike Fatchett <w0mu@w0mu.com>
Date: Tue, 05 Jun 2012 12:06:18 -0600
List-post: <cq-contest@contesting.com">mailto:cq-contest@contesting.com>
Actually the question is how would the ARRL, NCJ or CQ know that   AA1AA 
submitted a 1.1 million score and then I submitted some other log for 
something less.

Nobody needs to get the original log.  It will take human intervention 
to figure out that there is something really wrong with the 2nd log 

Mike W0MU

W0MU-1 CC Cluster w0mu.net:23 or w0mu-1.dnsdynamic.com

On 6/5/2012 11:40 AM, Dick Green WC1M wrote:
> Don, you are a man after my own heart! I'm totally paranoid about security
> scenarios, which is one reason LoTW security is so tight.
> However, I think the scenario you describe isn't plausible. As I understand
> it, the scheme would be used in a case where two stations are close in
> score. It would involve the second-place station uploading an altered log
> for the first-place station after the first-place station uploaded his/her
> real log. The altered log would be mostly the same as the real log, but with
> a few QSOs omitted or a few calls or exchanges busted. It has to be an
> altered copy of the first-place station's log because if the log was a
> complete fake, none of the QSOs would match during log checking. I'm sure in
> such a scenario, where the log for a high claimed score generated a huge UBN
> deduction, the log would be visually inspected by a person. That would alert
> the contest sponsor and the first place station that something very fishy
> had happened. Therefore, the altered log must be a copy of the first-place
> station's log, with just enough QSOs altered to affect the standings.
> The question is, how does the second-place station get a copy of the
> first-place station's log? ARRL doesn't publish logs. I think CQ WW waits to
> do that until after log checking, but I'm not sure. If they don't, they
> should.
> The only way I can see pulling this off is if the cheater had a confederate
> who operated in the contest and generated a relatively high score, slightly
> less than the second place station's score. The confederate's log would be
> submitted under the call of the first-place station. But that depends on how
> the log-checking software determines the call sign. Is it solely from the
> Cabrillo header, or is the call in the header checked against the sender's
> call in the individual QSO records? In any case, this is a very risky ploy
> for the confederate because if the log is inspected visually by a person,
> which I believe happens with most high-scoring logs, the jig will be up.
> So, I don't think it would work. However, if there is a scenario that would
> work, the best solution would be to use the LoTW authentication system for
> log submissions. That would have the dual advantage of verifying the call
> sign in the log and allowing automatic submission of the log to the LoTW QSL
> system (something many have asked for.)
> 73, Dick WC1M
>> -----Original Message-----
>> From: Katsuhiro Kondou [mailto:kondou@voyackey.net]
>> Sent: Monday, June 04, 2012 10:29 PM
>> To: cq-contest@contesting.com
>> Subject: [CQ-Contest] authentication for log submission
>> Change the subject from the original, and removed related References
>> headers.
>> In article<4FCC7194.3080802@ei5di.com>,
>>      "Paul O'Kane"<pokane@ei5di.com>  wrote,
>>      on "Mon, 04 Jun 2012 09:28:04 +0100";
>> } In the days of paper logs, we had to submit a signed } declaration
>> with each log.  With electronic logs, the } declaration is assumed, but
>> largely forgotten.  One } practical solution is for the logging software
>> to } display the declaration and ask for the operator's } agreement, by
>> having to type the word YES, before the } Cabrillo log is created.
>> }
>> } The declaration, in effect a pledge that is renewed } with each entry,
>> is good enough for me.
>> I'm not sure this was discussed before, but this reminds me that someone
>> who has malicious intention may submit other station's log to defeat the
>> station after first submission by actual station.
>> There looks no authentication method to verify the station for major
>> contests(please correct me if I am wrong).  Complicated method to
>> authenticate the station may lead decreasing the number of log
>> submission, so this may not be applied to all stations.  But I think
>> there should be some method to authenticate at least for stations who
>> want to win a prize.
>> Please ignore this message if my concern is baseless fear, the contest
>> sponsors have already taken care of this, or we can trust everybody
>> since we all have good morals.
>> --
>> Katsuhiro "Don" Kondou, JH5GHM
>> Tokyo, JAPAN
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest@contesting.com
> http://lists.contesting.com/mailman/listinfo/cq-contest
CQ-Contest mailing list

<Prev in Thread] Current Thread [Next in Thread>